package com.adun.springsecurityoauth2demo.controller;

import io.jsonwebtoken.Jwts;
import org.springframework.http.HttpRequest;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;

/**
 * @author Zhu Dunfeng
 * @date 2021/7/12 23:06
 */
@RestController
@RequestMapping(value ="/user")
public class UserController {

    @RequestMapping(value = "getCurrentUser")
    public Object getCurrentUser(Authentication authentication, HttpServletRequest request){
//        return authentication.getPrincipal();
        //解析oauth2类型的token
        String header = request.getHeader("Authorization");
        //截取出token,bearer+一个空格=7
        String token = header.substring(header.lastIndexOf("bearer") + 7);
        return Jwts.parser()
                .setSigningKey("test_key".getBytes(StandardCharsets.UTF_8))
                .parseClaimsJws(token)
                .getBody();

    }

}
